From the course: Kubernetes Threat and Attack Detection by Pearson
Policy enforcement with VAP - Kubernetes Tutorial
Policy enforcement with VAP
In this demonstration, we're going to take a look at using validating admission policies to be able to enforce the immutability. In the previous lesson, we saw that immutability can be configured very easily, but we have to rely on someone deploying it that way. Well, that's obviously something that we want to be able to enforce, and validating admission policies are an easy way to do it. And yes, you can use Kyverno. You can use OPA Gatekeeper. There are a lot of different ways. But validating admission policies are built into Kubernetes. And as of 1.30, they've got the ability now to be able to use the CEL library, which allows you to be able to create some really sophisticated capabilities natively within Kubernetes. So that expression language is really nice. And it's something that you're going to see probably more and more. And I would be very surprised if you don't see that on some exam topics. Now, as far as the configuration goes, let's take a quick look at it. We want to…